Oracle Linux Security Advisory ELSA-2023-13019

https://linux.oracle.com/errata/ELSA-2023-13019.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.81.2.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.81.2.el7uek.noarch.rpm
kernel-uek-4.1.12-124.81.2.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.81.2.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.81.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.81.2.el7uek.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.81.2.el7uek.src.rpm

Related CVEs:

CVE-2023-39192
CVE-2023-39193
CVE-2023-4207
CVE-2023-45862




Description of changes:

[4.1.12-124.81.2.el7uek]
- rebuild bumping release

[4.1.12-124.81.1.el7uek]
- netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa)  [Orabug: 35923500]  {CVE-2023-39193}
- USB: ene_usb6250: Allocate enough memory for full object (Kees Cook)  [Orabug: 35924058]  {CVE-2023-45862}
- netfilter: xt_u32: validate user space input (Wander Lairson Costa)  [Orabug: 35923470]  {CVE-2023-39192}
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis)  [Orabug: 35707466]  {CVE-2023-4207}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2023-13019: kernel Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[4.1.12-124.81.2.el7uek] - rebuild bumping release [4.1.12-124.81.1.el7uek] - netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [Orabug: 35923500] {CVE-2023-39193} - USB: ene_usb6250: Allocate enough memory for full object (Kees Cook) [Orabug: 35924058] {CVE-2023-45862} - netfilter: xt_u32: validate user space input (Wander Lairson Costa) [Orabug: 35923470] {CVE-2023-39192} - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35707466] {CVE-2023-4207}

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.81.2.el7uek.src.rpm

x86_64

kernel-uek-doc-4.1.12-124.81.2.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.81.2.el7uek.noarch.rpm kernel-uek-4.1.12-124.81.2.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.81.2.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.81.2.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.81.2.el7uek.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2023-39192 CVE-2023-39193 CVE-2023-4207 CVE-2023-45862

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo